package com.cmpe451.nutty.security;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.util.Assert;

import com.cmpe451.nutty.so.GuiUser;

/**
 * @author CmpE Group 2 Fall 2014 nuttyconfirmation@gmail.com
 */
public class AuthenticationProcessingFilter extends UsernamePasswordAuthenticationFilter {

	@Override
	public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
		Authentication authentication = super.attemptAuthentication(request, response);
		if (authentication.isAuthenticated()) {
			Object principal = authentication.getPrincipal();
			Assert.isInstanceOf(GuiUser.class, principal, "Assertion Error! Principal must be a user!");
		}

		return authentication;
	}
}
